diff options
| author | aapostoliuk <a.apostoliuk@vyos.io> | 2023-01-18 19:15:44 +0200 |
|---|---|---|
| committer | aapostoliuk <a.apostoliuk@vyos.io> | 2023-01-18 19:15:44 +0200 |
| commit | 7a663a75dc8b2f9842b72a05e17240edb4008849 (patch) | |
| tree | 7bde236898035b5f95f54ae2d1ee7bd25bb6ebad /interface-definitions | |
| parent | 6b2e7dc343eaf2e5eabbacb0d4b6440fb04ada94 (diff) | |
| download | vyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.tar.gz vyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.zip | |
ipsec: T4925: Added PRF into IKE group
Added the possibility to configure Pseudo-Random Functions (PRF)
in IKE group
set vpn ipsec ike-group <Ike-grp> proposal <number> prf <PRF>
Diffstat (limited to 'interface-definitions')
| -rw-r--r-- | interface-definitions/vpn-ipsec.xml.in | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/interface-definitions/vpn-ipsec.xml.in b/interface-definitions/vpn-ipsec.xml.in index fd74a51d7..fa12d999c 100644 --- a/interface-definitions/vpn-ipsec.xml.in +++ b/interface-definitions/vpn-ipsec.xml.in @@ -465,6 +465,45 @@ </properties> <defaultValue>2</defaultValue> </leafNode> + <leafNode name="prf"> + <properties> + <help>Pseudo-Random Functions</help> + <completionHelp> + <list>prfmd5 prfsha1 prfaesxcbc prfaescmac prfsha256 prfsha384 prfsha512</list> + </completionHelp> + <valueHelp> + <format>prfmd5</format> + <description>MD5 PRF</description> + </valueHelp> + <valueHelp> + <format>prfsha1</format> + <description>SHA1 PRF</description> + </valueHelp> + <valueHelp> + <format>prfaesxcbc</format> + <description>AES XCBC PRF</description> + </valueHelp> + <valueHelp> + <format>prfaescmac</format> + <description>AES CMAC PRF</description> + </valueHelp> + <valueHelp> + <format>prfsha256</format> + <description>SHA2_256 PRF</description> + </valueHelp> + <valueHelp> + <format>prfsha384</format> + <description>SHA2_384 PRF</description> + </valueHelp> + <valueHelp> + <format>prfsha512</format> + <description>SHA2_512 PRF</description> + </valueHelp> + <constraint> + <regex>(prfmd5|prfsha1|prfaesxcbc|prfaescmac|prfsha256|prfsha384|prfsha512)</regex> + </constraint> + </properties> + </leafNode> #include <include/vpn-ipsec-encryption.xml.i> #include <include/vpn-ipsec-hash.xml.i> </children> |